404 reporting

404 report

Scripted hacks

One of the widget plug-ins I use in this blog is one that gathers the URLs people use to access content here and that result in a 404 Not Found error. Those erroneous URLs get logged and, as admin, I can view them through the widget’s UI. The widget was written by an old mate, Scott Cate, for the GriffitiCMS blog engine (sorry, “CMS” engine), which is what I use here. He gave me the code a couple of years back and I’ve extended it a little to be able to clear the logs of the 404 errors. I do this perhaps once a week on average, because it just gets too depressing.

Here’s the latest report from the past week or so. As you can surmise, knowing that this blog is not WordPress, the 404 report is full of script kiddies trying their best to ferret out WordPress hackable security holes, by searching for the wp-admin folder among others. Either that or some PHP defect or other, which probably amounts to the same thing. (Aside: the first number in each line is the number of times the URL was accessed, the second is the numbers of distinct referral URLs. In this report, it so happens the referrals are other “not found” URLs.)

All I’ve got to say is: if you are running a WordPress site, just make sure it’s always patched, plug-ins and all. Your site is also being probed like mine and if there’s a flaw, it will be found with these automated scripts.

As I said, depressing.

Album cover for MetamorphosesNow playing:
Jarre, Jean Michel - C'est la vie
(from Metamorphoses)


404 report-banner

Loading similar posts...   Loading links to posts on similar topics...

1 Response

 avatar
#1 Grzegorz Wiktorowski said...
09-Oct-16 4:10 AM

From my website's log (today's entries):

46.21.172.147 46.21.172.147 - [09/Oct/2016:09:56:01 +0200] "GET /wp-admin/ HTTP/1.1" 404 1720 "-" "-" 166 1720 191.252.46.105 191.252.46.105 - [09/Oct/2016:10:04:40 +0200] "GET /test/wp-admin/ HTTP/1.1" 404 1720 "-" "-" 172 1720 213.147.103.86 213.147.103.86 - [09/Oct/2016:10:12:53 +0200] "GET /wordpress/wp-admin/ HTTP/1.1" 404 1720 "-" "-" 177 1720 212.227.109.180 212.227.109.180 - [09/Oct/2016:10:21:24 +0200] "GET /blog/wp-admin/ HTTP/1.1" 404 1720 "-" "-" 173 1720 64.71.32.26 64.71.32.26 - [09/Oct/2016:10:29:38 +0200] "GET /wp/wp-admin/ HTTP/1.1" 404 1720 "-" "-" 167 1720 103.247.8.208 103.247.8.208 - [09/Oct/2016:10:38:16 +0200] "GET /old/wp-admin/ HTTP/1.1" 404 1720 "-" "-" 170 1720 1

I don't use any CMS system - they sample sites randomly.

Leave a response

Note: some MarkDown is allowed, but HTML is not. Expand to show what's available.

  •  Emphasize with italics: surround word with underscores _emphasis_
  •  Emphasize strongly: surround word with double-asterisks **strong**
  •  Link: surround text with square brackets, url with parentheses [text](url)
  •  Inline code: surround text with backticks `IEnumerable`
  •  Unordered list: start each line with an asterisk, space * an item
  •  Ordered list: start each line with a digit, period, space 1. an item
  •  Insert code block: start each line with four spaces
  •  Insert blockquote: start each line with right-angle-bracket, space > Now is the time...
Preview of response